August 5, 2024 at 09:42AM
Researchers from Graz University of Technology have introduced SLUBStick, a Linux kernel exploitation technique that can increase the impact of heap vulnerabilities. This method can lead to privilege escalation and container escapes, even with modern defenses enabled. The technique demonstrates a success rate of more than 99% and has been tested on Linux kernel versions 5.19 and 6.2.
From the meeting notes, it is evident that a new Linux kernel exploitation technique called SLUBStick has been developed by a team of researchers from Graz University of Technology in Austria. This technique can significantly increase the impact of heap vulnerabilities by allowing an attacker to elevate a limited heap vulnerability to an arbitrary memory read/write primitive. The researchers have demonstrated that with modern defenses enabled, SLUBStick can be leveraged for privilege escalation and container escapes. They have also provided evidence of successful attacks against versions 5.19 and 6.2 of the Linux kernel, targeting nine known vulnerabilities discovered between 2021 and 2023 to demonstrate the potential for privilege escalation. The US cybersecurity agency CISA has recently warned users and organizations about Linux kernel vulnerabilities, with 14 flaws currently included in the agency’s Known Exploited Vulnerabilities Catalog. It is important for users and organizations to be aware of these vulnerabilities and take appropriate measures to mitigate the associated risks.